Hacking soon to move to the cloud
As more and more software packages, clients, and businesses move their data into the cloud, more and more cyber-attacks and fraud will be done in the cloud, says a cyber-crime federal prosecutor.
Matthew Parrella, chief of the computer hacking and intellectual property unit at the U.S. Attorney’s Office and based in San Jose, CA said during a security conference that he believes that the software piracy model involving counterfeited CD’s and remote foreign locations is now, or soon will be, a thing of the past, as will hacking into ground-based networks. Companies are accelerating the current trend to distribute software and store their data on the Web, and Parrella thinks that the cyber-criminals will follow that migration.
Parella said, “That model of importation of software is becoming obsolete because we’re seeing on the horizon cloud computing where so many of these operations are pushed from a user’s PC or a user’s computer onto Google Docs or Salesforce.com.” In five years, he said “I’m thinking the attack is going to be on cloud computing centers.”
Although Parrella spends much of his time prosecuting cases involving pirated computer software and data, as well as the theft of intellectual property, according to an article by CNET. He says he has also been tracking a botnet network that has grown to over 100,000 computers. He admits, “We don’t know what it does. That’s the type of threat we’re looking to prosecute…malware that may lead to distributed denial of service attacks.”
Donna Peterson, an FBI agent and another attendee at the conference, says she has seen “tremendous uptick in large-scale, fairly devastating data breaches” including one that resulted in the loss of about $10 million in a single day. She said that cyber-thieves “are getting more organized and their technical sophistication is better. They do what they need to get the job done…if they can use a 5-year-old exploit in conjunction with an exploit that they paid a programmer in another country $60,000 to (write), they will do it.”
Computer criminals are getting so much better at what they do that they can worm their way into a target system so completely that it will be absolutely under their control and the owner will not have a clue of it. When they are done draining the assets out of the system, there will often be absolutely no record of anyone having been in the system.
It would seem that with more such systems running in the cloud under identical security conditions, it may be possible to increase the value of these cyber-exploits dramatically. Before you move into your cloud, make sure that all the doors and windows are locked and the the best security system that you can buy is turned on.
Related Posts:
July 11th, 2009
to view a partial list of crimes committed by FBI agents over 1500 pages long see
http://www.forums.signonsandiego.com/showthread.php?t=59139
to view a partial list of FBI agents arrested for pedophilia see
http://www.dallasnews.com/forums/viewtopic.php?t=3574